hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-25 19:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,872 Commits 1,692 Branches 161 Tags
codeql-cli/v2.8.4
Commit Graph

33872 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
intrigus
d98b171998 Java: Make EnvTaintedMethod public + QL-Doc 2021-01-11 13:42:07 +01:00
intrigus
e021158b5f Java: Tighter model of HostnameVerifier#verify 
This more tightly models `HostnameVerifier#verify` previously it
was possible to accidentally match other methods called `verify`.
 2021-01-11 13:42:07 +01:00
intrigus
0a9df07df7 Apply suggestions from review. 2021-01-11 13:42:07 +01:00
intrigus
70b0703952 Java: Remove overlapping code 2021-01-11 13:42:07 +01:00
intrigus
3da1cb0879 Java: Add unsafe hostname verification query 2021-01-11 13:42:07 +01:00
intrigus
8df5d77398 Java: Model HostnameVerifier method 
Model `HostnameVerifier#setDefaultHostnameVerifier`
 2021-01-11 13:42:06 +01:00
Anders Schack-Mulligen
3a2dd8f1ed Merge pull request #4867 from RasmusWL/java-externalapis-taint-step 
Java: Fix taint-step handling for untrusted-data-external-api
 2021-01-11 13:36:59 +01:00
madneal
4e373aaf29 replace error with errors 2021-01-11 19:38:27 +08:00
Rasmus Wriedt Larsen
7d94bab75e Merge branch 'main' into django-request-handler-without-route 2021-01-11 12:24:41 +01:00
madneal
e0fc9bac08 add error for shotString 2021-01-11 19:15:22 +08:00
Rasmus Wriedt Larsen
828bb9a902 Python: Small refactor for request param modeling in Django 2021-01-11 11:29:54 +01:00
Esben Sparre Andreasen
580a24e982 JS: rewrite js/incomplete-multi-character-sanitization 2021-01-11 11:26:45 +01:00
Rasmus Wriedt Larsen
141b9adc4d Python: Minor refactoring 
Co-authored-by: yoff <lerchedahl@gmail.com>
 2021-01-11 11:18:59 +01:00
Arthur Baars
03d407e50d Merge pull request #82 from github/more_exprs 
Add AST library for control expressions (conditionals and loops)
 2021-01-11 10:35:37 +01:00
Geoffrey White
cf1d1dc5c0 C++: Remove old tags. 2021-01-11 09:31:06 +00:00
Mathias Vorreiter Pedersen
46393c33ef C++: Fix bad join orders introduced in previous commit. 2021-01-11 09:19:58 +01:00
madneal
1e2487320c address #4932,fix for errors of Binding behavior 2021-01-09 21:38:25 +08:00
Mathias Vorreiter Pedersen
a00bd7ae02 C++: Respond to review comments. 2021-01-08 19:47:02 +01:00
Geoffrey White
70ce5fde75 C++: Improve metadata for GlobalNamespaceClasses.ql. 2021-01-08 18:27:06 +00:00
Geoffrey White
a6937beee3 Merge branch 'main' into sqltaint 2021-01-08 17:27:43 +00:00
Geoffrey White
7f0209f72e Merge branch 'main' into modelclasses 2021-01-08 17:11:25 +00:00
Shati Patel
b794fcb841 Merge pull request #4925 from shati-patel/fix-links 
Fix broken links in CodeQL documentation
 2021-01-08 16:35:15 +00:00
Shati Patel
53c46edc1c Address review comments 2021-01-08 15:20:40 +00:00
Rasmus Wriedt Larsen
00c253a710 Java: Don't ignore local taint steps (fixup) 2021-01-08 15:29:01 +01:00
luchua-bc
39103af718 Remove additional taint step 2021-01-08 13:02:57 +00:00
Nick Rolfe
6d7efab820 Add ConditionalLoop base class 2021-01-08 12:20:08 +00:00
Arthur Baars
c68f6a7f2e Merge pull request #84 from github/aibaars/codeql-threads 
Actions: apply CODEQL_THREADS to all steps
 2021-01-08 13:19:01 +01:00
Nick Rolfe
6465c90a16 Rename IfOrElsifExpr to IfExpr; remove child classes 2021-01-08 11:53:15 +00:00
Anders Schack-Mulligen
e5b4975450 Merge pull request #4675 from luchua-bc/cleartext-storage-shared-prefs 
Java: Query to detect cleartext storage of sensitive information using Android SharedPreferences
 2021-01-08 12:41:34 +01:00
Nick Rolfe
15785b4535 Add db base type for CaseExpr::Range 2021-01-08 11:31:43 +00:00
Tamás Vajk
136e5c93d1 Merge pull request #4672 from tamasvajk/feature/extract-anon-types 
C#: Extract anonymous types explicitly
 2021-01-08 11:54:37 +01:00
Arthur Baars
4ef4053385 Actions: apply CODEQL_THREADS to all steps 2021-01-08 10:25:25 +01:00
CodeQL CI
807fc94627 Merge pull request #4921 from erik-krogh/moreShellSan 
Approved by esbena
 2021-01-08 00:58:26 -08:00
Tamas Vajk
800fd94572 Add DB upgrade folder 2021-01-08 08:20:49 +01:00
Tamas Vajk
056dbe31d5 C#: Remove throw completion from StringLiteral 2021-01-08 08:14:08 +01:00
Erik Krogh Kristensen
6423c32990 Update javascript/ql/src/semmle/javascript/security/dataflow/UnsafeShellCommandConstructionCustomizations.qll 
Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
 2021-01-07 22:02:39 +01:00
Nick Rolfe
6efebf1e36 Merge remote-tracking branch 'origin/main' into more_exprs 2021-01-07 19:02:50 +00:00
Nick Rolfe
6c0804c1af Address feedback on CFG change 2021-01-07 19:02:37 +00:00
Nick Rolfe
8cb8ead48e Address more feedback on ExprSequence 2021-01-07 19:02:14 +00:00
Nick Rolfe
19a4e63ac6 Move comment about getCondition from class to predicate 2021-01-07 18:01:38 +00:00
Nick Rolfe
9a71bdc993 Improvements from feedback on case/when classes. 2021-01-07 17:48:51 +00:00
Nick Rolfe
36c7d3fe5b Replace ConditionalExpr::get{Then,Else} with getBranch(boolean cond). 2021-01-07 17:32:41 +00:00
Nick Rolfe
e245382057 Merge pull request #83 from github/threads 
Parallelize extraction
 2021-01-07 17:14:41 +00:00
luchua-bc
b56fe2b25f Remove specific method name in additional taint step 2021-01-07 16:31:21 +00:00
Nick Rolfe
f4abe7f4a1 Remove ThenExpr, ElseExpr, and DoExpr from public API 2021-01-07 15:56:31 +00:00
Shati Patel
cdcb4a9599 Fix redirects from Sphinx linkcheck 2021-01-07 15:45:40 +00:00
Shati Patel
3da66b7fd9 Fix broken links from Sphinx linkcheck 2021-01-07 15:45:28 +00:00
Tamas Vajk
f971f42bb1 Add new stats file 2021-01-07 15:24:10 +01:00
Tamas Vajk
fdf5cf9dd0 C#: Extract anonymous types explicitly 2021-01-07 15:24:10 +01:00
Tom Hvitved
63f76b1b43 C#: Uniform treatment of all SSA definitions 2021-01-07 15:16:44 +01:00